Security Basics mailing list archives
Re: Securing Printers
From: "Frank T. Clark" <fclark () lanl gov>
Date: Tue, 16 Nov 2004 15:37:45 -0700
I'd like to add to this that in most of the new HP printers, and some of the old ones, there is a "RAM DISK" that is NFS world read/write.
The newer units can turn this off via the web configuration tool, the older ones you need to use the buttons on the console and the old menu system, or telnet in.
I can think of 1 fun little exploit for the printers (look on ./ for hp printer hack, posted April fools day last year)...... Changing the screen on the printers can cause chaos.
This is even easier to do now thanks to WebJetDirect and ppl who don't secure their printers with passwords.
Aside, I'd like to hear more about priv escalation on printers.
Current thread:
- Securing Printers Bryce Embry (Nov 15)
- RE: Securing Printers Yvan G.J. Boily (Nov 15)
- Re: Securing Printers Virgo Pärna (Nov 16)
- RE: Securing Printers David Gillett (Nov 15)
- Re: Securing Printers Ed Donahue (Nov 16)
- Re: Securing Printers Zurt (Nov 16)
- Re: Securing Printers Matthew Romanek (Nov 16)
- RE: Securing Printers Corey Watts-Jones (Nov 19)
- Re: Securing Printers Jonathan Kline (Nov 16)
- Re: Securing Printers Frank T. Clark (Nov 16)
- Re: Securing Printers xyberpix (Nov 16)
- Re: Securing Printers Peter Wan (Nov 16)
- Re: Securing Printers Spigga (Nov 16)
- <Possible follow-ups>
- RE: Securing Printers Julen C (Nov 16)
- RE: Securing Printers Dubber, Drew B (Nov 16)
- RE: Securing Printers Dante Mercurio (Nov 17)
- RE: Securing Printers Samuel Petreski (Nov 18)
- Re: Securing Printers Adam Jones (Nov 19)
- RE: Securing Printers Samuel Petreski (Nov 18)
- RE: Securing Printers Herbold, John W. (Nov 19)
- RE: Securing Printers Corey Watts-Jones (Nov 22)
(Thread continues...)
- RE: Securing Printers Yvan G.J. Boily (Nov 15)